CVE-2003-1550

Опубликовано: 31 дек. 2003

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

XOOPS 2.0, and possibly earlier versions, allows remote attackers to obtain sensitive information via an invalid xoopsOption parameter, which reveals the installation path in an error message.

Ссылки

http://marc.info/?l=bugtraq&m=104820295115420&w=2
Exploit
http://marc.info/?l=bugtraq&m=104887510828106&w=2
http://secunia.com/advisories/8353
Vendor Advisory
http://www.security-corporation.com/index.php?id=advisories&a=011-FR
http://www.securityfocus.com/bid/7149
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/11587
http://marc.info/?l=bugtraq&m=104820295115420&w=2
Exploit
http://marc.info/?l=bugtraq&m=104887510828106&w=2
http://secunia.com/advisories/8353
Vendor Advisory
http://www.security-corporation.com/index.php?id=advisories&a=011-FR
http://www.securityfocus.com/bid/7149
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/11587

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:xoops:xoops:*:*:*:*:*:*:*:*

Версия до 2.0 (включая)

EPSS

Процентиль: 90%

0.06202

Низкий

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-2jg3-c745-q45w

github

больше 3 лет назад